Unverified Commit 0a3009bb authored by teor's avatar teor
Browse files

Stop inadvertently upgrading client intro connections to ntor

Also stop logging the intro point details on error by default.

Fixes #20012, introduced with ntor in tor 0.2.4.8-alpha.
parent e3bf8854
Loading
Loading
Loading
Loading

changes/bug20012

0 → 100644
+12 −0
Original line number Diff line number Diff line
  o Major bugfixes (hidden services):
    - Clients require hidden services to include the TAP keys
      for their intro points in the hidden service descriptor.
      This prevents an inadvertent upgrade to ntor, which a
      malicious hidden service could use to discover which
      consensus a client has.
      Fixes bug 20012; bugfix on 0.2.4.8-alpha. Patch by teor.
  o Minor bugfixes (hidden services):
    - Stop logging intro point details to the client log on
      certain error conditions.
      Fixed as part of bug 20012; bugfix on 0.2.4.8-alpha.
      Patch by teor.
+8 −33
Original line number Diff line number Diff line
@@ -1373,41 +1373,16 @@ rend_client_get_random_intro_impl(const rend_cache_entry_t *entry,
    smartlist_del(usable_nodes, i);
    goto again;
  }
  /* Do we need to look up the router or is the extend info complete? */
  /* All version 2 HS descriptors come with a TAP onion key.
   * Clients used to try to get the TAP onion key from the consensus, but this
   * meant that hidden services could discover which consensus clients have. */
  if (!extend_info_supports_tap(intro->extend_info)) {
    const node_t *node;
    extend_info_t *new_extend_info;
    if (tor_digest_is_zero(intro->extend_info->identity_digest))
      node = node_get_by_hex_id(intro->extend_info->nickname);
    else
      node = node_get_by_id(intro->extend_info->identity_digest);
    if (!node) {
      log_info(LD_REND, "Unknown router with nickname '%s'; trying another.",
               intro->extend_info->nickname);
    log_info(LD_REND, "The HS descriptor is missing a TAP onion key for the "
             "intro-point relay '%s'; trying another.",
             safe_str_client(extend_info_describe(intro->extend_info)));
    smartlist_del(usable_nodes, i);
    goto again;
  }
#ifdef ENABLE_TOR2WEB_MODE
    new_extend_info = extend_info_from_node(node, options->Tor2webMode);
#else
    new_extend_info = extend_info_from_node(node, 0);
#endif
    if (!new_extend_info) {
      const char *alternate_reason = "";
#ifdef ENABLE_TOR2WEB_MODE
      alternate_reason = ", or we cannot connect directly to it";
#endif
      log_info(LD_REND, "We don't have a descriptor for the intro-point relay "
               "'%s'%s; trying another.",
               extend_info_describe(intro->extend_info), alternate_reason);
      smartlist_del(usable_nodes, i);
      goto again;
    } else {
      extend_info_free(intro->extend_info);
      intro->extend_info = new_extend_info;
    }
    tor_assert(intro->extend_info != NULL);
  }
  /* Check if we should refuse to talk to this router. */
  if (strict &&
      routerset_contains_extendinfo(options->ExcludeNodes,